Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/brannondorsey/sniff-probes
Plug-and-play bash script for sniffing 802.11 probes requests :nose:
hacking network-monitoring packet-capture probe-requests wifi
Last synced: about 1 month ago
- Host: GitHub
- URL: https://github.com/brannondorsey/sniff-probes
- Owner: brannondorsey
- License: mit
- Created: 2017-07-16T05:29:56.000Z (over 7 years ago)
- Default Branch: master
- Last Pushed: 2018-07-19T14:35:30.000Z (over 6 years ago)
- Last Synced: 2024-12-05T19:42:08.772Z (about 2 months ago)
- Topics: hacking, network-monitoring, packet-capture, probe-requests, wifi
- Language: Shell
- Homepage:
- Size: 4.88 KB
- Stars: 248
- Watchers: 16
- Forks: 44
- Open Issues: 5
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-network-stuff - **179** stars - and-play bash script for sniffing 802.11 probes requests (Tools / Sniffing && Sniff)
README
# Sniff Probes
Plug-and-play bash script for sniffing 802.11 probe requests.
## What are Probe Requests?
Probe requests are an 802.11 Wi-Fi packet type that functions to automatically connect network devices to the wireless access points (APs) that they have previously associated with. Whenever a phone, computer, or other networked device has Wi-Fi enabled but is not connected to a network, it is constantly "probing": openly broadcasting the network names (SSIDs) of previously connected APs. Because wireless access points have unique and often personal network names, it is easy to identify the device owner by recognizing the names of networks they frequently connect to.
For a creative application of probe request capture, see [ProbeKit](https://github.com/brannondorsey/ProbeKit).
## Sniffing Probe Requests
```bash
# Type "ifconfig" to list available network devices.
# Wireless devices generally start with a "w"
IFACE=wlan0 ./sniff-probes.sh
```

```
00:00:19 -88dBm 00:0a:e2:1f:28:ab "cvteststation01"
00:00:19 -89dBm 00:0a:e2:1f:28:ab "cvteststation01"
00:00:22 -85dBm 5c:aa:fd:20:23:41 "Sonos_pZkIex0zatRvhdJTAifLzmatdh"
00:00:42 -86dBm f4:f5:d8:28:bc:26 "NETGEAR85-5G"
00:00:46 -89dBm f4:f5:d8:28:bc:26 "NETGEAR85-5G"
00:00:48 -84dBm f4:f5:d8:06:19:40 "Pamplona Running Club"
00:01:00 -92dBm 54:60:09:40:56:32 "seawhale"
00:01:13 -87dBm 38:63:bb:d1:6a:b7 "offline"
00:01:25 -83dBm 5c:aa:fd:20:23:41 "Sonos_pZkIex0zatRvhdJTAifLzmatdh"
```
Requires **tcpdump** and **gawk** (GNU awk). Both of these packages are installed on many *nix systems by default, but if they aren't, you will have to install them manually. Your wireless device must also support monitor mode. Here is [a list of WiFi cards that support monitor mode](https://www.wirelesshack.org/best-kali-linux-compatible-usb-adapter-dongles-2016.html) (2018).

Prints `timestamp`, `signal strength`, `sender MAC address` and `SSID` to the screen. Saves output as a space-delimited "csv" to `probes.txt` by default.
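One way to review what a capture says about your own devices, as an added example that is not part of the sniff-probes project: the function below reads the space-delimited output, copes with SSIDs that contain spaces, and reports for each sender MAC the distinct SSIDs it disclosed and whether the address has the locally administered bit set (as randomized MACs do). The name `summarize_probes` and the last sample line are made up for illustration, and the line layout is assumed from the sample output above.

```bash
#!/usr/bin/env bash
# Added example (not part of sniff-probes). Assumes the line layout shown in
# the sample output: <timestamp> <signal> <sender MAC> "<SSID>"

# summarize_probes FILE
# Prints one tab-separated line per sender MAC:
#   MAC, address type, number of distinct SSIDs, SSIDs joined with "|"
summarize_probes() {
    awk '
    NF >= 4 {
        mac = tolower($3)
        # The SSID is quoted and may contain spaces, so take everything
        # between the first and the last double quote on the line.
        if (!match($0, /".*"/)) next
        ssid = substr($0, RSTART + 1, RLENGTH - 2)
        if (ssid == "") next            # nothing disclosed by this line
        if (!((mac, ssid) in seen)) {
            seen[mac, ssid] = 1
            count[mac]++
            list[mac] = (count[mac] > 1) ? (list[mac] "|" ssid) : ssid
        }
    }
    END {
        for (mac in count) {
            # Bit 0x02 of the first octet marks a locally administered
            # address, which is what randomized MACs use.
            kind = (substr(mac, 2, 1) ~ /[2367abef]/) ? "randomized" : "global"
            printf "%s\t%s\t%d\t%s\n", mac, kind, count[mac], list[mac]
        }
    }' "$1" | sort
}

# Constructed sample: three lines from the sample output above plus one
# made-up line whose sender address is locally administered.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
00:00:42 -86dBm f4:f5:d8:28:bc:26 "NETGEAR85-5G"
00:00:46 -89dBm f4:f5:d8:28:bc:26 "NETGEAR85-5G"
00:00:48 -84dBm f4:f5:d8:06:19:40 "Pamplona Running Club"
00:01:30 -80dBm da:a1:19:00:00:01 "example-home"
EOF
summarize_probes "$sample"
```

A device listed as `global` with several SSIDs is probing under its burned-in address; enabling MAC randomization on it or removing saved networks it no longer needs reduces what it discloses.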
Additional options:
```bash
IFACE=wlan0 OUTPUT=output.txt CHANNEL_HOP=1 ./sniff-probes.sh
```

`CHANNEL_HOP=1` enables channel hopping on `IFACE` every two seconds. This is used to increase the number of probes captured. Disabled by default.